bug fixins (#2475)
[openemr.git] / library / ajax / code_attributes_ajax.php
1 <?php
2 /**
3 * Given a code type, code, selector and price level for a service or product, this creates
4 * JavaScript that will call the user's handler passing the following arguments:
5 * code type, code, description, price, warehouse options.
6 * Upload designated service codes as "services=" attributes for designated layouts.
7 * This supports specifying related codes to determine the service codes to be used.
9 * @package OpenEMR
10 * @link https://www.open-emr.org
11 * @author Rod Roark <rod@sunsetsystems.com>
12 * @author Brady Miller <brady.g.miller@gmail.com>
13 * @copyright Copyright (c) 2015-2017 Rod Roark <rod@sunsetsystems.com>
14 * @copyright Copyright (c) 2018 Brady Miller <brady.g.miller@gmail.com>
15 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
18 require_once("../../interface/globals.php");
19 require_once("$fileroot/custom/code_types.inc.php");
20 require_once("$fileroot/interface/drugs/drugs.inc.php");
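// Verify the CSRF token before doing any work. Fail closed: a missing,
// non-string (e.g. csrf_token_form[]=x) or empty token is rejected here
// instead of being handed to verifyCsrfToken(), so the outcome does not depend
// on how that helper treats null or array input.
// NOTE(review): the token is read from the query string, so it can end up in
// web-server access logs, browser history and Referer headers - confirm that
// is acceptable for this endpoint.
// NOTE(review): csrfNotVerified() presumably terminates the request; nothing
// below re-checks the token - confirm against its definition.
if (
    !isset($_GET["csrf_token_form"])
    || !is_string($_GET["csrf_token_form"])
    || $_GET["csrf_token_form"] === ''
    || !verifyCsrfToken($_GET["csrf_token_form"])
) {
    csrfNotVerified();
}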
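/**
 * Echo one JavaScript statement of the form
 * code_attributes_handler(codetype, code, description, price, warehouseOptions);
 * describing a single service or product code.
 *
 * For products ($codetype == 'PROD') the description and price come from the
 * drugs/prices tables and the last argument is a string of <option> elements,
 * one per active warehouse. For every other code type the description comes
 * from return_code_information() and the warehouse string stays empty.
 *
 * Security notes:
 * - The callers in this file pass values taken from $_GET, so every argument
 *   must be treated as untrusted. All SQL values are bound through "?"
 *   placeholders; none are concatenated into the query text.
 * - Warehouse option_id and title are passed through attr() and text() when
 *   the <option> markup is built, and every argument of the emitted call goes
 *   through js_escape(). These helpers are defined elsewhere; presumably they
 *   escape for HTML attribute, HTML text and JavaScript literal context
 *   respectively - confirm against their definitions.
 * - NOTE(review): no ACL check is visible in this file; price and inventory
 *   data are returned to any request that passes the CSRF check - confirm
 *   that session handling in globals.php is the intended access control.
 *
 * @param string $codetype   Code type; 'PROD' selects the product branch, any
 *                           other value is used as a key into $code_types.
 * @param string $code       Code value; for products this is matched against
 *                           drugs.drug_id.
 * @param string $selector   Matched against prices.pr_selector (products only).
 * @param string $pricelevel Matched against prices.pr_level.
 * @return void
 */
function write_code_info($codetype, $code, $selector, $pricelevel)
{
    global $code_types;

    $wh = ''; // options for warehouse selection

    if ($codetype == 'PROD') {
        // The logged-in user's preferred warehouse, or '' when none is set.
        $wrow = sqlQuery(
            "SELECT default_warehouse FROM users WHERE username = ?",
            array($_SESSION['authUser'])
        );
        $defaultwh = empty($wrow['default_warehouse']) ? '' : $wrow['default_warehouse'];

        // Product name plus the price for the requested selector and level.
        // The LEFT JOIN keeps the product row even when no price is defined.
        $crow = sqlQuery(
            "SELECT d.name, p.pr_price " .
            "FROM drugs AS d " .
            "LEFT JOIN prices AS p ON p.pr_id = d.drug_id AND p.pr_selector = ? AND p.pr_level = ? " .
            "WHERE d.drug_id = ?",
            array($selector, $pricelevel, $code)
        );
        $desc = $crow['name'];
        $price = empty($crow['pr_price']) ? 0 : (0 + $crow['pr_price']);

        // One <option> per active warehouse, preceded by an empty choice.
        $lres = sqlStatement("SELECT * FROM list_options " .
            "WHERE list_id = 'warehouse' AND activity = 1 ORDER BY seq, title");
        $wh .= "<option value=''></option>";
        while ($lrow = sqlFetchArray($lres)) {
            $wh .= "<option value='" . attr($lrow['option_id']) . "'";
            // NOTE(review): the trailing true is presumably a test-only flag that
            // checks availability without recording a sale - confirm in drugs.inc.php.
            $has_inventory = sellDrug($code, 1, 0, 0, 0, 0, '', '', $lrow['option_id'], true);
            // Preselect the list default when the user has no default warehouse,
            // otherwise the user's own default. The original compared against an
            // undefined $default here, so the user's default was never selected.
            if ($has_inventory && (
                (strlen($defaultwh) == 0 && $lrow['is_default']) ||
                (strlen($defaultwh) > 0 && $lrow['option_id'] == $defaultwh))) {
                $wh .= " selected";
            } elseif (!$has_inventory) {
                // Disable this warehouse option if not selected and has no inventory.
                $wh .= " disabled";
            }
            $wh .= ">" . text(xl_list_label($lrow['title'])) . "</option>";
        }
    } else {
        // not PROD
        $cres = return_code_information($codetype, $code, false);
        $desc = '';
        $price = 0;
        if ($crow = sqlFetchArray($cres)) {
            $desc = trim($crow['code_text']);
            if ($code_types[$codetype]['fee']) {
                if ($code_types[$codetype]['external'] == 0) {
                    // Native code set: the fee comes from the prices table,
                    // keyed by the code's row id and the price level.
                    $prow = sqlQuery(
                        "SELECT pr_price " .
                        "FROM prices WHERE pr_id = ? AND pr_selector = '' AND pr_level = ? " .
                        "LIMIT 1",
                        array($crow['id'], $pricelevel)
                    );
                    if (!empty($prow['pr_price'])) {
                        $price = 0 + $prow['pr_price'];
                    }
                } else {
                    // external code set with fees, prices table not supported
                    $price = 0 + $crow['fee'];
                }
            }
        }
    }

    // error_log("Warehouse string is: " . $wh); // debugging

    // Every argument is passed through js_escape() before being placed in the
    // emitted call; $wh is markup whose dynamic parts were already escaped with
    // attr()/text() above.
    echo "code_attributes_handler(" .
        js_escape($codetype) . "," .
        js_escape($code) . "," .
        js_escape($desc) . "," .
        js_escape($price) . "," .
        js_escape($wh) . ");";
}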
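// Request dispatch. Every value below comes straight from the query string and
// is untrusted; write_code_info() binds it as SQL parameters and escapes it on
// output.
$pricelevel = isset($_GET['pricelevel']) ? $_GET['pricelevel'] : '';

if (!empty($_GET['list'])) {
    // This case supports packages of codes. The list holds entries separated
    // by '~'; each entry is 'codetype|code[:modifier][|selector]'.
    // A non-string value (e.g. list[]=x) is treated as an empty package rather
    // than being passed to explode().
    $arrcodes = is_string($_GET['list']) ? explode('~', $_GET['list']) : array();
    foreach ($arrcodes as $codestring) {
        if ($codestring === '') {
            continue;
        }
        $arrcode = explode('|', $codestring);
        $codetype = $arrcode[0];
        // The code part and its ':modifier' suffix are both optional in a
        // malformed entry; pad so neither lookup hits an undefined offset.
        // $modifier is parsed but not used by write_code_info().
        list($code, $modifier) = array_pad(
            explode(":", isset($arrcode[1]) ? $arrcode[1] : ''),
            2,
            ''
        );
        $selector = isset($arrcode[2]) ? $arrcode[2] : '';
        write_code_info($codetype, $code, $selector, $pricelevel);
    }
} else {
    // This is the normal case of adding a single code.
    $codetype = isset($_GET['codetype']) ? $_GET['codetype'] : '';
    $code     = isset($_GET['code']) ? $_GET['code'] : '';
    $selector = isset($_GET['selector']) ? $_GET['selector'] : '';
    write_code_info($codetype, $code, $selector, $pricelevel);
}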